<?php
	require_once($_SERVER["DOCUMENT_ROOT"]."/global.php");
	require_once($_SERVER["DOCUMENT_ROOT"]."/modules/security_mod.php");
	require_once($_SERVER["DOCUMENT_ROOT"]."/modules/level_mod.php");
	require_once($_SERVER["DOCUMENT_ROOT"]."/modules/settings_mod.php");
	require_once($_SERVER["DOCUMENT_ROOT"]."/modules/permissions.php");
	require_once($_SERVER["DOCUMENT_ROOT"]."/npc_images.php");
	SecurityMod::login();

	$level = $_SESSION["account"]->getLevel();
	if ($level != "Admin")
		SecurityMod::logout();
        
        // check if there is enough data
	if (!v($_REQUEST, "pid") || !v($_REQUEST, "name") || !v($_REQUEST, "validation")) {
		header('location: accounts.php');
		exit;
	}

	// check if passwords match
	if (v($_REQUEST, "password") != v($_REQUEST, "password_confirm")) {
		header('location: accounts.php');
		exit;
	}

	// encrypt password if necessary
	if (SettingsMod::USE_ENCRYPTED_PASSWORDS) {
		$password = md5(v($_REQUEST, "password"));
	} else {
		$password = v($_REQUEST, "password");
	}
        
        $basic = 0;
        $advanced = 0;
        $admin = 0;
        $pfcsb = 0;
        $secret = 0;
        if (isset($_REQUEST['BASIC']))
            $basic = 1;
        if (isset($_REQUEST['ADVANCED']))
            $advanced = 1;
        if (isset($_REQUEST['ADMIN']))
            $admin = 1;
        if (isset($_REQUEST['PFCSB']))
            $pfcsb = 1;
        if (isset($_REQUEST['SECRET']))
            $secret = 1;

	AccountMod::addAccount(
		new Account(
			v($_REQUEST, "name"),
			$password,
			$_SESSION["account"]->getUniverse(),
			Permissions::DEFAULT_PERMISSIONS,
			v($_REQUEST, "level"),
                        v($_REQUEST, "validation"),
                        v($_REQUEST, "pid"),
                        $basic,
                        $advanced,
                        $admin,
                        $pfcsb,
                        $secret,
                        v($_REQUEST, "chatLevel")
		)
	);
?>
<html>
<head>
<script language="JavaScript" type="text/javascript">
    function showDetail(pid){
        var leftPos = 0;
        var topPos = 0;
        if (screen) {
            leftPos = (screen.width / 2) - 275;
            topPos = (screen.height / 2) - 390;
        }
        window.open("user_details.php?pid="+pid, "_blank", "width=550,height=780,scrollbars=1,resizable=1,left=" + leftPos + ",top=" + topPos);
        window.location.href = "accounts.php";
}
</script>

</head>
<body onload=" showDetail(<?php echo(v($_REQUEST, "pid")); ?>);">Body</body>
</html>
